New sampling-based summary statistics for improving approximate query answers
SIGMOD '98 Proceedings of the 1998 ACM SIGMOD international conference on Management of data
On power-law relationships of the Internet topology
Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
LOF: identifying density-based local outliers
SIGMOD '00 Proceedings of the 2000 ACM SIGMOD international conference on Management of data
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
Estimating the Selectivity of Spatial Queries Using the `Correlation' Fractal Dimension
VLDB '95 Proceedings of the 21th International Conference on Very Large Data Bases
Bursty and hierarchical structure in streams
Proceedings of the eighth ACM SIGKDD international conference on Knowledge discovery and data mining
Data Mining Meets Performance Evaluation: Fast Algorithms for Modeling Bursty Traffic
ICDE '02 Proceedings of the 18th International Conference on Data Engineering
Proceedings of the ninth ACM SIGKDD international conference on Knowledge discovery and data mining
The link prediction problem for social networks
CIKM '03 Proceedings of the twelfth international conference on Information and knowledge management
Fully automatic cross-associations
Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
Eigenspace-based anomaly detection in computer systems
Proceedings of the tenth ACM SIGKDD international conference on Knowledge discovery and data mining
AutoPart: parameter-free graph partitioning and outlier detection
PKDD '04 Proceedings of the 8th European Conference on Principles and Practice of Knowledge Discovery in Databases
Mining anomalies using traffic feature distributions
Proceedings of the 2005 conference on Applications, technologies, architectures, and protocols for computer communications
Mining compressed frequent-pattern sets
VLDB '05 Proceedings of the 31st international conference on Very large data bases
Group formation in large social networks: membership, growth, and evolution
Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining
Beyond streams and graphs: dynamic tensor analysis
Proceedings of the 12th ACM SIGKDD international conference on Knowledge discovery and data mining
Application of a network dynamics analysis tool to mobile ad hoc networks
Proceedings of the 9th ACM international symposium on Modeling analysis and simulation of wireless and mobile systems
Estimating rates of rare events at multiple resolutions
Proceedings of the 13th ACM SIGKDD international conference on Knowledge discovery and data mining
Evolutionary spectral clustering by incorporating temporal smoothness
Proceedings of the 13th ACM SIGKDD international conference on Knowledge discovery and data mining
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Random walk with restart: fast solutions and applications
Knowledge and Information Systems
ACM Computing Surveys (CSUR)
Trajectory Outlier Detection: A Partition-and-Detect Framework
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
Network anomaly detection based on Eigen equation compression
Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining
BGP-lens: patterns and anomalies in internet routing updates
Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining
OddBall: spotting anomalies in weighted graphs
PAKDD'10 Proceedings of the 14th Pacific-Asia conference on Advances in Knowledge Discovery and Data Mining - Volume Part II
It's who you know: graph mining using recursive structural features
Proceedings of the 17th ACM SIGKDD international conference on Knowledge discovery and data mining
RolX: structural role extraction & mining in large graphs
Proceedings of the 18th ACM SIGKDD international conference on Knowledge discovery and data mining
Network Anomaly Detection Using Co-clustering
ASONAM '12 Proceedings of the 2012 International Conference on Advances in Social Networks Analysis and Mining (ASONAM 2012)
Hi-index | 0.00 |
Advances in data collection and storage capacity have made it increasingly possible to collect highly volatile graph data for analysis. Existing graph analysis techniques are not appropriate for such data, especially in cases where streaming or near-real-time results are required. An example that has drawn significant research interest is the cyber-security domain, where internet communication traces are collected and real-time discovery of events, behaviors, patterns, and anomalies is desired. We propose MetricForensics, a scalable framework for analysis of volatile graphs. MetricForensics combines a multi-level "drill down" approach, a collection of user-selected graph metrics, and a collection of analysis techniques. At each successive level, more sophisticated metrics are computed and the graph is viewed at finer temporal resolutions. In this way, MetricForensics scales to highly volatile graphs by only allocating resources for computationally expensive analysis when an interesting event is discovered at a coarser resolution first. We test MetricForensics on three real-world graphs: an enterprise IP trace, a trace of legitimate and malicious network traffic from a research institution, and the MIT Reality Mining proximity sensor data. Our largest graph has 3M vertices and 32M edges, spanning 4.5 days. The results demonstrate the scalability and capability of MetricForensics in analyzing volatile graphs; and highlight four novel phenomena in such graphs: elbows, broken correlations, prolonged spikes, and lightweight stars.